From: Dmitry Stogov Date: Thu, 27 Oct 2005 19:25:07 +0000 (+0000) Subject: Fixed SIGSEGV X-Git-Tag: RELEASE_2_0_1~145 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=804e3b4f5b4a13ea0f0544e6ab21536496c96528;p=php Fixed SIGSEGV --- diff --git a/Zend/tests/unset_cv12.phpt b/Zend/tests/unset_cv12.phpt new file mode 100755 index 0000000000..a22b13dea7 --- /dev/null +++ b/Zend/tests/unset_cv12.phpt @@ -0,0 +1,11 @@ +--TEST-- +unset() CV 12 (unset() in indirect called function) +--FILE-- + +--EXPECT-- +ok diff --git a/Zend/zend_execute_API.c b/Zend/zend_execute_API.c index 6273df031f..c2f60bf969 100644 --- a/Zend/zend_execute_API.c +++ b/Zend/zend_execute_API.c @@ -1543,7 +1543,7 @@ ZEND_API void zend_reset_all_cv(HashTable *symbol_table TSRMLS_DC) int i; for (ex = EG(current_execute_data); ex; ex = ex->prev_execute_data) { - if (ex->symbol_table == symbol_table) { + if (ex->op_array && ex->symbol_table == symbol_table) { for (i = 0; i < ex->op_array->last_var; i++) { ex->CVs[i] = NULL; } @@ -1558,7 +1558,7 @@ ZEND_API int zend_u_delete_global_variable(zend_uchar type, void *name, int name if (zend_u_hash_quick_exists(&EG(symbol_table), type, name, name_len+1, hash_value)) { for (ex = EG(current_execute_data); ex; ex = ex->prev_execute_data) { - if (ex->symbol_table == &EG(symbol_table)) { + if (ex->op_array && ex->symbol_table == &EG(symbol_table)) { int i; for (i = 0; i < ex->op_array->last_var; i++) { if (ex->op_array->vars[i].hash_value == hash_value && diff --git a/Zend/zend_vm_def.h b/Zend/zend_vm_def.h index f674880c44..1863203707 100644 --- a/Zend/zend_vm_def.h +++ b/Zend/zend_vm_def.h @@ -2871,12 +2871,14 @@ ZEND_VM_HANDLER(74, ZEND_UNSET_VAR, CONST|TMP|VAR|CV, ANY) do { int i; - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hash_value && - ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) && - !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) { - ex->CVs[i] = NULL; - break; + if (ex->op_array) { + for (i = 0; i < ex->op_array->last_var; i++) { + if (ex->op_array->vars[i].hash_value == hash_value && + ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) && + !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) { + ex->CVs[i] = NULL; + break; + } } } ex = ex->prev_execute_data; @@ -2948,7 +2950,7 @@ ZEND_VM_HANDLER(75, ZEND_UNSET_DIM, VAR|UNUSED|CV, CONST|TMP|VAR|CV) ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1); for (ex = EXECUTE_DATA; ex; ex = ex->prev_execute_data) { - if (ex->symbol_table == ht) { + if (ex->op_array && ex->symbol_table == ht) { int i; for (i = 0; i < ex->op_array->last_var; i++) { diff --git a/Zend/zend_vm_execute.h b/Zend/zend_vm_execute.h index 8a811bc116..5b5acdbd5f 100644 --- a/Zend/zend_vm_execute.h +++ b/Zend/zend_vm_execute.h @@ -2033,12 +2033,14 @@ static int ZEND_UNSET_VAR_SPEC_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) do { int i; - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hash_value && - ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) && - !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) { - ex->CVs[i] = NULL; - break; + if (ex->op_array) { + for (i = 0; i < ex->op_array->last_var; i++) { + if (ex->op_array->vars[i].hash_value == hash_value && + ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) && + !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) { + ex->CVs[i] = NULL; + break; + } } } ex = ex->prev_execute_data; @@ -4540,12 +4542,14 @@ static int ZEND_UNSET_VAR_SPEC_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) do { int i; - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hash_value && - ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) && - !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) { - ex->CVs[i] = NULL; - break; + if (ex->op_array) { + for (i = 0; i < ex->op_array->last_var; i++) { + if (ex->op_array->vars[i].hash_value == hash_value && + ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) && + !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) { + ex->CVs[i] = NULL; + break; + } } } ex = ex->prev_execute_data; @@ -7643,12 +7647,14 @@ static int ZEND_UNSET_VAR_SPEC_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) do { int i; - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hash_value && - ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) && - !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) { - ex->CVs[i] = NULL; - break; + if (ex->op_array) { + for (i = 0; i < ex->op_array->last_var; i++) { + if (ex->op_array->vars[i].hash_value == hash_value && + ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) && + !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) { + ex->CVs[i] = NULL; + break; + } } } ex = ex->prev_execute_data; @@ -9310,7 +9316,7 @@ static int ZEND_UNSET_DIM_SPEC_VAR_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1); for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->symbol_table == ht) { + if (ex->op_array && ex->symbol_table == ht) { int i; for (i = 0; i < ex->op_array->last_var; i++) { @@ -10799,7 +10805,7 @@ static int ZEND_UNSET_DIM_SPEC_VAR_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1); for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->symbol_table == ht) { + if (ex->op_array && ex->symbol_table == ht) { int i; for (i = 0; i < ex->op_array->last_var; i++) { @@ -12326,7 +12332,7 @@ static int ZEND_UNSET_DIM_SPEC_VAR_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1); for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->symbol_table == ht) { + if (ex->op_array && ex->symbol_table == ht) { int i; for (i = 0; i < ex->op_array->last_var; i++) { @@ -14257,7 +14263,7 @@ static int ZEND_UNSET_DIM_SPEC_VAR_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1); for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->symbol_table == ht) { + if (ex->op_array && ex->symbol_table == ht) { int i; for (i = 0; i < ex->op_array->last_var; i++) { @@ -15475,7 +15481,7 @@ static int ZEND_UNSET_DIM_SPEC_UNUSED_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1); for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->symbol_table == ht) { + if (ex->op_array && ex->symbol_table == ht) { int i; for (i = 0; i < ex->op_array->last_var; i++) { @@ -16575,7 +16581,7 @@ static int ZEND_UNSET_DIM_SPEC_UNUSED_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1); for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->symbol_table == ht) { + if (ex->op_array && ex->symbol_table == ht) { int i; for (i = 0; i < ex->op_array->last_var; i++) { @@ -17675,7 +17681,7 @@ static int ZEND_UNSET_DIM_SPEC_UNUSED_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1); for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->symbol_table == ht) { + if (ex->op_array && ex->symbol_table == ht) { int i; for (i = 0; i < ex->op_array->last_var; i++) { @@ -19140,7 +19146,7 @@ static int ZEND_UNSET_DIM_SPEC_UNUSED_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1); for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->symbol_table == ht) { + if (ex->op_array && ex->symbol_table == ht) { int i; for (i = 0; i < ex->op_array->last_var; i++) { @@ -20338,12 +20344,14 @@ static int ZEND_UNSET_VAR_SPEC_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) do { int i; - for (i = 0; i < ex->op_array->last_var; i++) { - if (ex->op_array->vars[i].hash_value == hash_value && - ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) && - !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) { - ex->CVs[i] = NULL; - break; + if (ex->op_array) { + for (i = 0; i < ex->op_array->last_var; i++) { + if (ex->op_array->vars[i].hash_value == hash_value && + ex->op_array->vars[i].name_len == Z_UNILEN_P(varname) && + !memcmp(ex->op_array->vars[i].name, Z_UNIVAL_P(varname), Z_TYPE_P(varname)==IS_UNICODE?UBYTES(Z_UNILEN_P(varname)):Z_UNILEN_P(varname))) { + ex->CVs[i] = NULL; + break; + } } } ex = ex->prev_execute_data; @@ -21842,7 +21850,7 @@ static int ZEND_UNSET_DIM_SPEC_CV_CONST_HANDLER(ZEND_OPCODE_HANDLER_ARGS) ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1); for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->symbol_table == ht) { + if (ex->op_array && ex->symbol_table == ht) { int i; for (i = 0; i < ex->op_array->last_var; i++) { @@ -23323,7 +23331,7 @@ static int ZEND_UNSET_DIM_SPEC_CV_TMP_HANDLER(ZEND_OPCODE_HANDLER_ARGS) ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1); for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->symbol_table == ht) { + if (ex->op_array && ex->symbol_table == ht) { int i; for (i = 0; i < ex->op_array->last_var; i++) { @@ -24841,7 +24849,7 @@ static int ZEND_UNSET_DIM_SPEC_CV_VAR_HANDLER(ZEND_OPCODE_HANDLER_ARGS) ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1); for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->symbol_table == ht) { + if (ex->op_array && ex->symbol_table == ht) { int i; for (i = 0; i < ex->op_array->last_var; i++) { @@ -26762,7 +26770,7 @@ static int ZEND_UNSET_DIM_SPEC_CV_CV_HANDLER(ZEND_OPCODE_HANDLER_ARGS) ulong hash_value = zend_u_inline_hash_func(Z_TYPE_P(offset), offset_key, offset_len+1); for (ex = execute_data; ex; ex = ex->prev_execute_data) { - if (ex->symbol_table == ht) { + if (ex->op_array && ex->symbol_table == ht) { int i; for (i = 0; i < ex->op_array->last_var; i++) {